[Samba] RE: Winbind and Organization Unit
Tom Dickson
tdickson at inostor.com
Thu Jun 19 15:43:52 GMT 2003
> I'm using Samba 2.2.8a with winbind on a Red hat System
> (kernel 2.4.20 + acl) within a W2K Domain compiled
> with the good options (I hope)
> Winbind can authentify users when the user is a Global
> User but not when he's in an Organization Unit.
> I need that winbind is able to authentify OU's users.
> Normally I've access only to my OU so how to tell to
> winbind to check only in a specific.
> Someone knows how to do that ??
> TIA,
> D.
I'm using 2.2.8a against a W2K DC in Native mode, and I see users in OUs
perfectly fine; however, if you give permissions based on Groups, normal
Winbind won't see Domain Local Groups (only Global + Universal). Try this
patch (you have to recompile from source):
ftp://ftp.samba.org/pub/tridge/misc/samba_22_local_group.patch
The patch is against 2.2.8, so there is this issue with it:
I have built a samba rpm based on the samba.org samba-2.2.8a-1
added --with-acl-support
applied the samba_22_local_group.patch
<aside>
The patch failed one small block of code,(1 "Hunk" at smbd/trans2.c
line 249)
but a brief inspection suggests that that Hunk fixes a buffer
overflow risk,
which was otherwise fixed in the 2.2.8a branch (new "SAFE_STRING"
code)
</aside>
More information about the samba
mailing list